Can a server login a user without having the password?

Hello there!

It is possible to get a user logged-in in the client-side from a server without having a password?

For example, when using Passport, it is possible to login a user with JWT in the client using this library: passport-jwt

In this link, is mentioned that Auth0 can add token authentication to your application.

Wondering how can I achieve it?
Can anyone point me in the right direction?
Thanks

Hello there! Can I get a reply? :slight_smile:

Hi @victor5

I am not sure what you are asking. If you need passwordless login, we do support that:

If you are asking something else, I am not sure.

John

thank you, John. I’m looking for an API that can be used to get a specific user access token without having the password of the user. To implement several uses cases where our servers perform the identity check and then we just want to get the user logged in without having to send an email/SMS. Is this possible?

Hi @victor5

Sorry, I am not understanding very well.

Getting an access token without a password is a violation of security.

You might benefit from professional services, this sounds a little complex to me.

John

Hi @john.gateley

Thank you for your reply.

Is not that complex. Firebase allows to get logged-in with a custom JWT, see Create Custom Tokens  |  Firebase Documentation

Is there a similar option in Auth0?

Many thanks for your help and support

Hi @victor5

This looks like token exchange, and Auth0 does not yet support that.
There are alternatives of course, depending on your use case.

John